﻿<%@ Application Language="C#" %>

<script RunAt="server">

    void Application_Start(object sender, EventArgs e)
    {
        // Code that runs on application startup
        log4net.Config.XmlConfigurator.ConfigureAndWatch(new System.IO.FileInfo(Server.MapPath("~/log4net.config")));
    }
    protected void Application_BeginRequest(Object sender, EventArgs e)
    {
        // Response.Write("Test");
        // 防止外部非法提交信息 
        if (HttpContext.Current.Request.Form.Count > 0)
        {
            if (Request.UrlReferrer == null || string.Compare(Request.UrlReferrer.Host, Request.Url.Host, true) != 0)
            {
                Response.Write("系统检测到非法提交"); 
                log4net.ILog log = log4net.LogManager.GetLogger("Global.asax");
                log.Warn(string.Format("非法提交：IP地址：{0}", HZ.Fun.GetClientIP())); 
                Response.End();
            }
        }
        foreach (string str_t in this.Request.QueryString)
        {
            if (HZ.Fun.MaySqlInject(Request.QueryString[str_t].ToString()))
            { 
                Inject_Handle(Request.QueryString[str_t].ToString(), "QueryString"); 
            }
        }
        foreach (string str_t in this.Request.Form)
        {
            if (str_t == "__VIEWSTATE" || str_t == "__EVENTVALIDATION")
                continue;
            if (HZ.Fun.MaySqlInject(Request.Form[str_t].ToString()))
                Inject_Handle(Request.Form[str_t].ToString(), "Form");
        }
        foreach (string str in Request.Cookies) // cookie重点检测 
        {
            if (HZ.Fun.MaySqlInject(HttpContext.Current.Server.UrlDecode(Request.Cookies[str].Value)))
            {
                // HttpContext.Current.Response.Cookies.Clear(); // 清空客户端Cookie 
                Inject_Handle(Request.Cookies[str].ToString(), "Cookies");
            }
        }

    }
    void Application_End(object sender, EventArgs e)
    {
        //  Code that runs on application shutdown

    }

    void Application_Error(object sender, EventArgs e)
    {
        // Code that runs when an unhandled error occurs

    }

    void Session_Start(object sender, EventArgs e)
    {
        // Code that runs when a new session is started

    }

    void Session_End(object sender, EventArgs e)
    {
        // Code that runs when a session ends. 
        // Note: The Session_End event is raised only when the sessionstate mode
        // is set to InProc in the Web.config file. If session mode is set to StateServer 
        // or SQLServer, the event is not raised.

    }

    protected void Inject_Handle(string str, string src)
    {
        Response.Write("<span style=\"font-size: 13px; font-family: 微软雅黑; \">500 系统检测到非法字符串输入<br />");
        Response.Write(string.Format("非法字符串信息：{0}<br />", str));
        Response.Write("<a href=\"\">返回主页</a></span>");
        log4net.ILog log = log4net.LogManager.GetLogger("Global.asax");

        log.Warn(string.Format("SQL注入攻击检测：注入IP:{0}，注入内容： {1}，来源：{2}", HZ.Fun.GetClientIP(), str, src));
        Response.End();
    }
       
</script>

